30 matches found
TencentOS Server 3: httpd:2.4 (TSSA-2022:0017)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0017 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Alibaba Cloud Linux 3 : 0017: httpd:2.4 (ALINUX3-SA-2022:0017)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0017 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-0190: A bug exists in the way...
Oracle Linux 8 : httpd:2.4 (ELSA-2024-3121)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3121 advisory. - Resolves: RHEL-14448 - httpd: modmacro: out-of-bounds read vulnerability CVE-2023-31122 - Resolves: RHEL-29817 - httpd:2.4/modhttp2: httpd:...
httpd:2.4 security update
httpd 2.4.37-64.0.1 - Replace index.html with Oracle's index page oracleindex.html 2.4.37-64 - Resolves: RHEL-14448 - httpd: modmacro: out-of-bounds read vulnerability CVE-2023-31122 2.4.37-63 - modxml2enc: fix media type handling Resolves: RHEL-14321 modhttp2 1.15.7-10 - Resolves: RHEL-29817 -...
Rocky Linux 8 : httpd:2.4 (RLSA-2020:4751)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:4751 advisory. - In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request...
NewStart CGSL MAIN 6.06 : httpd Multiple Vulnerabilities (NS-SA-2023-1001)
The remote NewStart CGSL host, running version MAIN 6.06, has httpd packages installed that are affected by multiple vulnerabilities: - In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily...
K44591505: Apache vulnerabilities CVE-2019-0196, CVE-2019-0197, and CVE-2019-0220
Security Advisory Description CVE-2019-0196 A vulnerability was found in Apache HTTP Server 2.4.17 to 2.4.38. Using fuzzed network input, the http/2 request handling could be made to access freed memory in string comparison when determining the method of a request and thus process the request...
Oracle Linux 8 : httpd:2.4 (ELSA-2020-4751)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-4751 advisory. - Resolves: 1823263 CVE-2020-1934 - CVE-2020-1934 httpd: modproxyftp use of uninitialized value - Resolves: 1823259 - CVE-2020-1927 httpd:2.4/httpd:...
Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP3 security update
Red Hat JBoss Core Services Pack Apache Server 2.4.37 Service Pack 3 zip release for RHEL 6, RHEL 7 and Microsoft Windows is available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a...
Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 SP3 security update
Updated packages that provide Red Hat JBoss Core Services Pack Apache Server 2.4.37 and fix several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of...
Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2020-1289)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Aspera Web Applications (Faspex, Console) are affected by Apache Vulnerabilities (CVE-2019-0196, CVE-2019-0197, CVE-2019-0215, CVE-2019-0217, CVE-2019-0220)
Summary Aspera Web Applications Faspex, Console have addressed the following Apache Vulnerabilities. Vulnerability Details CVEID: CVE-2019-0220 DESCRIPTION: A vulnerability was found in Apache HTTP Server 2.4.0 to 2.4.38. When the path component of a request URL contains multiple consecutive...
Security Bulletin: Vulnerabilities CVE-2019-0196, CVE-2019-0197, and CVE-2019-0220 in the IBM i HTTP Server affect IBM i.
Summary HTTP Server is supported by IBM i. IBM i has addressed the applicable CVEs. This security bulletin has been updated, on August 8, 2019, as superseding IBM i PTFs are available for CVE-2019-0220 for IBM i 7.2, 7.3, and 7.4. This security bulletin has been updated, on June 21, 2019, as...
Important: Red Hat Security Advisory: Red Hat JBoss Core Services Apache HTTP Server 2.4.37 Security Release
Red Hat JBoss Core Services Pack Apache Server 2.4.37 zip release for RHEL 6, RHEL 7 and Microsoft Windows is available. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
Ubuntu: Security Advisory (USN-4113-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-0197
The CVE-2019-0197 entry concerns Apache HTTP Server 2.4.34–2.4.38. When HTTP/2 is enabled for an http: host or H2Upgrade is enabled for h2 on an https: host, an Upgrade request from http/1.1 to http/2 that is not the first request on a connection could cause misconfiguration and crash. Servers th...
CVE-2019-0197
A vulnerability was found in Apache HTTP Server 2.4.34 to 2.4.38. When HTTP/2 was enabled for a http: host or H2Upgrade was enabled for h2 on a https: host, an Upgrade request from http/1.1 to http/2 that was not the first request on a connection could lead to a misconfiguration and crash. Server...
Fedora 30 : httpd (2019-cf7695b470)
Resolves: 1695046 CVE-2019-0196 CVE-2019-0197 CVE-2019-0215 CVE-2019-0217 CVE-2019-0220 httpd: various flaws Resolves: 1694510 httpd-2.4.39 is available Resolves: 1694986 - CVE-2019-0211 httpd: privilege escalation from modules scripts Note that Tenable Network Security has extracted the precedin...
openSUSE: Security Advisory for apache2 (openSUSE-SU-2019:1258-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for apache2 (important)
openSUSE Security Update: Security update for apache2 Announcement ID: openSUSE-SU-2019:1258-1 Rating: important References: 1131233 1131237 1131239 1131241 1131245 Cross-References: CVE-2019-0196 CVE-2019-0197 CVE-2019-0211 CVE-2019-0217 CVE-2019-0220 Affected Products: openSUSE Leap 42.3 An...